Overview
You may want to know if Kayako is SOC2 or ISAE3402 compliant for your security controls and want to receive the corresponding assurance report.
Information
We use Amazon Web Services for hosting Kayako. AWS's security is best-in-class and its customers benefit from limitless scalability, improved monitoring and notification, and a series of industry-recognized security certifications including ISO and SOC.
You can access AWS SOC 3 Report for 2021-2022 online.
Additionally, other AWS certificates and reports such as the SOC 2 and the SOC Continued Operations Letter can be retrieved at https://aws.amazon.com/artifact/ by creating a free AWS account or using an existing account. See https://aws.amazon.com/compliance/soc-faqs/ for further details. Unfortunately, under the Terms and Conditions of those AWS docs, we are not allowed to distribute them, but as said you can easily download them for free.
Specifically for Kayako, the product does not have a SOC2, but the policies and procedures are materially consistent with the policies and procedures used by affiliates of the company to achieve a third-party audit report under recognized industry standards such as ISO 27001 and SOC 2.
Our company has implemented an extensive information security program designed to protect information subject to privacy laws, ensure data security and confidentiality, and protect against anticipated threats, hazards, or unauthorized access. Please see attached a summary of our Information Security Program and standard security questionnaire answers in CAIQ format.